Release Version 7.6.4

Release Date: 13th October 2020

What’s New?

Log Parser for Sophos Firewall

Development and variations are made for the Sophos Firewall. A few parsers are added for audit logs to fall in the configured Sophos category.

ACL Management Support

An admin will be able to control functions such as adding newer ACL (Access Control List) rules as well as viewing/editing them. Also, the support of centralized management of the ACL is added.

Separate Log Management

Support of horizontal scaling is added for processing. Here, a new server is added for separate processing of Log Parsers.

Note: As of now we are only implementing one single additional log server.

Linking of Two Interfaces

The connection of any two devices with each other via two links in Manual Topology is possible now.

Improved Security Application Vulnerabilities

Some of the observed security vulnerabilities are improved which includes major changes in the JDK Libraries Version – 1.8.0_251. For this mysql-database-metric and mysql-server-metric plugin is updated to version 2.5 and 2.3 respectively.

SSH Script Authentication

Users will be able to discover SSH script monitors via Password-based authentication as well as Key-based authentication. Support of Key-based authentication is only for key generated using the RSA algorithm. For this, the SSH script plugin is updated to version 8.1.

SNMP Based Windows Polling Process

By default the ‘Enable Process Monitoring’ is disabled. If this is enabled all the processes for fetching the services will start. For this Linux-SNMP and Windows-SNMP plugin are updated to 8.1 and 8.3 respectively.

Note: Supported for SNMP V2 and above.

The Disk Latency metric is removed from vm-ware widget. For this, the vm-ware plugin is updated to version 7.8.

Segregation for User Roles

Partial rights to the admin panel can be set in the user role, where a user can choose the admin panel modules to give rights.

Software Image and SMU Repository

Now, users will be able to upload any software image/SMU. Also, in the case of vendor software, all the details such as Vendor name, vendor family, device type, number of images will be shown. In the case of up-gradation of image/SMU is to be performed, it is also supported. For this, the SSH and Telnet plugins are updated to version 3.5 and 2.7 respectively.

Note: As of now this feature is supported with Cisco IOS Software only.

Support for AES192 and AES256 Protocols

Users will now be able to:

Discover and Poll with SNMPv3 privacy protocol AES192 and AES256
Create auto-topology based CDP/LLDP with privacy protocol AES192 and AES256

For this, the Topology Builder plugin is updated to version 6.3.

MySQL Updated

Both MySQL Server and MySQL Database metric collector plugins are updated to version 2.3 and 2.5 respectively. Also, a successful discovery was run for Mysql version 8.0.21.

Note: This is supported by v7.6.4 and above.

Auto-ticket Creation with ServiceNow using RabbitMQ

A new plugin Rabbit MQ is introduced with version 1.0, which is integrated with NTT. RabbitMQ JMS will send alerts and auto-ticket will be generated on that basis. Also, all the available options for ticketing are provided and backend log generation is also supported.

Bug Fixes

When we select view type as Grid or Chart+Grid, the widget properties were getting reset to the chart’s default widget property. Due to which the hide/show or any property related to the grid was not working, which is resolved now.
When downgrading the IIP licenses, the displayed error message was wrong. It is corrected from “Number of monitors should have more value than the previous license” to “Number of monitors should have less or equal value against purchase license”.
If any credential profile was deleted assigned to any network discovery profile, then the network discovery profile was also getting deleted. This issue is resolved now and an error message “Selected credential profile cannot be deleted, as it’s in use” will be prompted if the user tries to delete.
Inbound filter entries were not getting displayed after the creation, which is resolved now with the addition of few entries in the table.
When adding any switch to a virtual terminal in NCM, the system prompts for credentials. If, in any case, the password included any special character, the NCM terminal was throwing an error. This is resolved now and the URI Query parameters are fixed.
An issue was observed where the jetty services of the system stopped suddenly. Now the issue is resolved and the jetty services are added to the watchdog list. This will prevent the services to stop and start them automatically in case of failure.
Juniper Switch symbol was not getting displayed correctly on UI, which is resolved now. For this, the Juniper Switch plugin is updated to version 8.2.
An issue was observed where the timeline of the report and widget was showing wrong, which is resolved now and the logic of date-time is improved.
The output of SSH Script Monitor was not displaying multiline and correct outputs, which is resolved now. Also, for this, the SSH Script plugin is updated to version 1.8.
An issue was observed where the Cisco Switch was not discoverable, which is resolved now. For this, the SSH NCM plugin is updated to version 3.4.
An issue was observed where on the deletion of department or user roles, users were getting deleted, which is resolved. Now, users are not allowed to delete departments and roles if there are other users using them.
An issue was observed where logs were not getting generated and messages were getting queued, which is resolved now. Changes are made and new parsers are added. Also, the Universal Log Parser plugin is updated to version 7.2.
As per observation, there was an issue while restarting the Motadata services of the master, which is resolved now.
An issue was observed while fetching the interface traffic of Centos 7.7, which is resolved now. For this, the Linux plugin is updated to version 8.5.
The viewing and fetching of interface statistics of IBM AIX were not working properly, which is corrected now. For this, the IBM AIX plugin is updated to version 8.1.
An issue was observed where the details of VMware ESXI were not showing in GUI when added by VMware ESX/ESXI Metric for monitor, which is resolved now. For this, the vmware-exsi plugin is updated to version 7.8.
When the devices were discovered by Windows SNMP and Linux SNMP, the RTT metric was not getting displayed. This is resolved now, where Windows SNMP and Linux SNMP parameters are added in plugin files. Also, the Windows SNMP and Linux SNMP are updated to version 8.2 and 8.0 respectively.
When Nginx Server or Mongo database was discovered, an error was popping up, which is resolved now. For this, the jar files in the Nginx plugin is updated with version 2.3.
The system was throwing error Trap logs after upgrading to the latest version, which is resolved now.
The metrics of RTT and packet loss were not displayed when discovered by VMware ESX/ESXI, which is resolved now. For this, the vmware plugin is updated to version 7.9.
In the Linux discovered device, network parameters were not displaying, which is resolved now. For this, the Linux plugin is updated to version 8.5.
Disk I/O and service related information were not displaying for the IBM-AIX machine, which is resolved now. Service logic is added to python. For this, the IBM-AIX plugin is updated to version 8.2.
Security vulnerabilities are fixed which includes Content Security Policy, few web directories, HTML form without CSRF protection, Cache-Control parameter, and account lockout policy.

What’s New?​

Log Parser for Sophos Firewall​

ACL Management Support​

Separate Log Management​

Linking of Two Interfaces​

Improved Security Application Vulnerabilities​

SSH Script Authentication​

SNMP Based Windows Polling Process​

Disk Latency Widget Removal​

Segregation for User Roles​

Software Image and SMU Repository​

Support for AES192 and AES256 Protocols​

MySQL Updated​

Auto-ticket Creation with ServiceNow using RabbitMQ​

Bug Fixes​